PkgRadar

npm · registry.npmjs.org

@bundlekit/bundler-vite

Install Lifecycle Suppresses Failure: postinstall="pnpm patch-package || exit 0"

Why PkgRadar flagged 0.0.11

SeveritySignalEvidence
highInstall Lifecycle Suppresses Failurepostinstall="pnpm patch-package || exit 0" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.0.11High risk252026-06-13
0.0.10High risk252026-06-13
0.0.9High risk252026-06-13
0.0.8High risk252026-06-10
0.0.7High risk172026-06-10
0.0.5High risk172026-06-10
0.0.6High risk172026-06-10
0.0.14High risk252026-06-10
0.0.13High risk252026-06-10
0.0.12High risk252026-06-10

Block this in CI

PkgRadar gates @bundlekit/bundler-vite (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @bundlekit/[email protected]
Start free — 25 scans / moView full evidence